#include"head.h"
int login (int fd,transport_protocol_t *msg){
    //TODO:从客户端获取recv账号和密码
    char username[60];
    char password[60];
    char mode;
    MYSQL_RES *result;
    while(1){
        int name_len=0;
        int pass_len=0;
        bzero(username,sizeof(username));
        bzero(password,sizeof(password));
        bzero(&mode,sizeof(mode));
        int ret_rec= recv(fd,&mode,1,0);
        if(ret_rec==0){
            break;
        }
        recv(fd,&name_len,sizeof(int),0);
        recv(fd,username,name_len,0);
        username[name_len-1]='\0';
        recv(fd,&pass_len,sizeof(int),0);
        recv(fd,password,pass_len,0);
        password[pass_len-1]='\0';
        //1. mysql_query()
        if(mode=='r'){//1.查询用户是否存在 2.不存在才可以注册 3.注册
            char end_sql[200];
            //拼接查询语句
            bzero(end_sql,sizeof(end_sql));
            const char *select_sql="select user_id from bd_user where username=";
            sprintf(end_sql,"%s '%s';",select_sql,username);
            int sql_len= strlen(end_sql);
            end_sql[sql_len-1]='\0';
            int ret= mysql_query(&msg->my_sql,end_sql);
            fprintf(stderr,"%s\n",mysql_error(&msg->my_sql));
            result= mysql_store_result(&msg->my_sql);
            my_ulonglong r_ret=mysql_num_rows(result);
            //检查用户是否存在
            if(r_ret!=0){//注册失败，用户已存在，返回1;
                int r_flag=1;
                send(fd,&r_flag,sizeof(int),0);
                break;
            }

            //拼接插入bd_user表sql语句
            bzero(end_sql,sizeof(end_sql));
            //生成随机盐值
            char*random_string=generate_random_string(7);
            char salt[100]={0};
            sprintf(salt, "$6$%s$", random_string);
            char* encrypted=crypt(password,salt);
            //开始拼接
            const char *front_sql="insert into bd_user(username,password_hash,salt) values(";
            sprintf(end_sql,"%s '%s', '%s', '%s');",front_sql,username,encrypted,salt);
            sql_len= strlen(end_sql);
            end_sql[sql_len-1]='\0';
            ret=mysql_query(&msg->my_sql,end_sql);
            //拼接插入bd_file表sql语句
            //1.查询刚刚插入的用户的user_id
            bzero(end_sql,sizeof(end_sql));
            sprintf(end_sql,"select user_id from bd_user where username='%s'",username);
            mysql_query(&msg->my_sql,end_sql);
            if(!mysql_error(&msg->my_sql)){
                fprintf(stderr,"query:%s",mysql_error(&msg->my_sql));
            }
            result=mysql_store_result(&msg->my_sql);
            MYSQL_ROW row=mysql_fetch_row(result);
            //2.开始插入bd_file 表
            bzero(end_sql,sizeof(end_sql));
            sprintf(end_sql,"insert into bd_file(filename,user_id,parent_id,url,file_type,file_hash,delete_flag,upload_flag) values('/',%s,-1,'/',1,NULL,0,NULL);",row[0]);
            mysql_query(&msg->my_sql,end_sql);
            if(!mysql_error(&msg->my_sql)){
                fprintf(stderr,"query:%s",mysql_error(&msg->my_sql));
            }

            if(ret!=0){
                const char *error= mysql_error(&msg->my_sql);
                puts(error);
            }else{//说明注册成功返回0
                int r_flag=0;
                send(fd,&r_flag,sizeof(int),0);
                LOG_WRITE(2,"注册成功");
                break;
            }

        }else if(mode=='l'){
            // mysql_query();
            //获得查询结果
            //2.mysql_store_result();
            //判断结果是否为空
            //3.my_ulonglong ret=my_ulonglong mysql_num_rows();
            char end_sql[100];
            bzero(end_sql,sizeof(end_sql));
            const  char *front_sql="select password_hash ,user_id ,salt from bd_user where username=";
            sprintf(end_sql,"%s '%s';",front_sql,username);
            int len =strlen(end_sql);
            end_sql[len-1]='\0';
            //执行查找语句
            int ret =mysql_query(&msg->my_sql,end_sql);
            if(ret!=0){
                const char *error= mysql_error(&msg->my_sql);
                puts(error);
            }
            //接收查询结果
            result=mysql_store_result(&msg->my_sql);
            my_ulonglong num=mysql_num_rows(result);
            if(num==0){
                //说明用户不存在
                int l_flag=1;
                send(fd,&l_flag,sizeof(int),0);
                break;
                //给客户端发送信息表示用户不存在需要注册
            }else{
                //获取一行结果
                MYSQL_ROW row=mysql_fetch_row(result);
                //用表内的盐值和接收的密码进行带盐值哈希
                char* encrypted=crypt(password,row[2]);
                if(strcmp(encrypted,row[0])==0){
                    //密码正确，取到user_id
                    memcpy(msg->user_id,row[1],sizeof(msg->user_id));
                    //返回消息表示登录成功
                    int l_flag=0;
                    send(fd,&l_flag,sizeof(int),0);
                    transport_protocol_t temp_msg;
                    bzero(&temp_msg,sizeof(temp_msg));
                    char*token;
                    ser_jwt(username,password,&token);
                    memcpy(temp_msg.token,token,sizeof(temp_msg.token));
                    send(fd,&temp_msg,sizeof(temp_msg),0);
                    LOG_WRITE(2,"登录成功");
                    break;
                }else{
                    //说明密码输错了，返回-1；
                    int l_flag=-1;
                    send(fd,&l_flag,sizeof(int),0);
                    break;
                }
                //说明用户存在
                //计算从客户端获取的密码的加盐哈希值和结果进行比对
                //根据比对结果给客户端发送登录成功和密码错误的信息

            }
        }
    }
    return 0;
}
